On 12/15/2014 06:19 PM, James Knott wrote:
On 12/15/2014 07:55 PM, John Andersen wrote:
In that case your firewall is broken.
--
Well, port scans, both from www.grc.com and nmap show only ssh and imaps are open. So, how is it broken? Also, would Google and Mozilla, among other be promoting it, if it didn't work through NAT? It's a UDP data stream and other UDP protocols can make it through a firewall and NAT. It requires the firewall to track the connection.
It works because it is NOT going direct, even if you are lead to believe it is. It is being routed through one or more of the firewall piercing (google that) technologies. All connections from your browser are outbound connections. Same with your phone. (do you really think your carrier is going to let you listen on an inbound connections on your phone)? If merely connecting to a website could pass an open socket to some third computer, can you imagine the security risk in that? There would be no possible protections against all sort of mischief. There is a third party involved somewhere for the duration of the connection, just as there is with google remote desktop, google chat, google voice chat, iPhone face-whatever, skype, Tox, etc. It is not going direct. Good protocols use a distributed network of nodes for this, so that it is unhackable. Bad protocols (skype) route all connections first thru their own servers, and then, it both parties are not of interest to the feds, hand them off to distributed servers. Come on, James, you've been around here long enough to have picked up a thing or three about TCP/IP, listening ports, etc... -- After all is said and done, more is said than done. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org